cve-mcp (mcp)

Security Audit: Warn
  Health: Warn
    • License — MIT
    • Description — Repository has a description
    • Active repo — Last push 0 days ago
    • Low visibility — Only 9 GitHub stars
  Code: Warn
    • Network request — Outbound network request in src/epss/index.ts
  Permissions: Pass
    • No dangerous permissions requested


SUMMARY

23-tool MCP server for CVE & vulnerability intelligence. NVD, EPSS, CISA KEV, GitHub Advisory, OSV — unified in one server. Risk scoring, bulk triage, exploit search. 2 dependencies, runs with npx.

README.md



cve-mcp

CVE & vulnerability intelligence for AI agents.

NVD, EPSS, CISA KEV, GitHub Advisory, and OSV — unified into a single MCP server.
Your AI agent gets vulnerability intelligence on demand, not a 200-page report.





The Problem

Vulnerability intelligence is scattered across multiple databases. NVD has CVE details. EPSS tells you exploitation probability. CISA KEV tracks actively exploited vulns. GitHub Advisory covers open source packages. OSV maps vulnerabilities to specific package versions. No single tool aggregates them, and none work with AI agents.

Traditional workflow:
  search NVD for CVE details          →  navigate a clunky web UI
  check EPSS for exploitation risk    →  separate API, separate format
  look up CISA KEV status             →  download a JSON feed manually
  search GitHub advisories            →  yet another interface
  query OSV for package impact        →  different API, different schema
  correlate everything                →  copy-paste into a spreadsheet
  ──────────────────────────────────
  Total: 30+ minutes per CVE, longer for bulk triage

cve-mcp gives your AI agent 23 tools via the Model Context Protocol. The agent queries all five sources in parallel, correlates data, calculates risk scores, and tells you exactly what matters.

With cve-mcp:
  You: "Prioritize these 10 CVEs by actual exploitation risk"

  Agent: → fetches CVSS scores from NVD
         → gets EPSS exploitation probability for each
         → checks CISA KEV for actively exploited
         → cross-references GitHub advisories for patches
         → "3 are critical: CVE-2024-3400 (EPSS 97%, in KEV),
            CVE-2023-44487 (HTTP/2 rapid reset, EPSS 96%),
            CVE-2021-44228 (Log4Shell, EPSS 97%, in KEV).
            Here are patches and affected versions..."

How It's Different

Existing tools give you raw data. cve-mcp gives your AI agent the ability to reason about vulnerabilities.

|  | Traditional Tools | cve-mcp |
|---|---|---|
| Interface | Web UI / CLI / raw API calls | MCP — AI agent calls tools conversationally |
| Data sources | One database at a time | NVD + EPSS + KEV + GHSA + OSV in parallel |
| Risk scoring | CVSS only (severity, not exploitability) | CVSS × EPSS × KEV = actual risk priority |
| Correlation | Manual copy-paste | Agent enriches: "This CVE has CVSS 9.8, EPSS 97%, is in KEV, affects [email protected]" |
| Bulk triage | One CVE at a time | Agent prioritizes 50 CVEs in a single conversation |
| Package impact | Separate OSV/GHSA lookup | Agent finds affected packages + versions automatically |
| Dependencies | Heavy CLI tools, Python environments | 2 runtime dependencies, runs with npx |

Quick Start

Option 1: npx (no install)

npx cve-mcp

Option 2: Clone

git clone https://github.com/badchars/cve-mcp.git
cd cve-mcp
bun install

Environment variables (optional)

# Increases NVD rate limit from 5 to 50 requests per 30 seconds
export NVD_API_KEY=your-nvd-api-key

# Enables GitHub Advisory search (60 → 5000 requests/hour)
export GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Both are optional. The server works without them, just with lower rate limits.

Connect to your AI agent

Claude Code

# With npx
claude mcp add cve-mcp -- npx cve-mcp

# With local clone
claude mcp add cve-mcp -- bun run /path/to/cve-mcp/src/index.ts

Claude Desktop

Add to ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "cve-mcp": {
      "command": "npx",
      "args": ["cve-mcp"],
      "env": {
        "NVD_API_KEY": "optional-key",
        "GITHUB_TOKEN": "optional-token"
      }
    }
  }
}

Cursor / Windsurf / other MCP clients

Same JSON config format. Point the command to npx cve-mcp or your installation path.

Start querying

You: "What do you know about CVE-2024-3400?"

That's it. The agent handles the rest.


What The AI Can Do

Incident Response

You: "We got hit by CVE-2024-3400. Give me everything."

Agent: → cve_enrich {cveId: "CVE-2024-3400"}
       → NVD: PAN-OS command injection, CVSS 10.0
       → EPSS: 97.2% exploitation probability
       → KEV: Added 2024-04-12, due 2024-05-01
       → GHSA: No open source advisory (commercial product)
       → exploit_search: 23 PoC repos on GitHub
       → "Critical. Actively exploited in the wild.
          PAN-OS GlobalProtect, versions < 10.2.9-h1.
          Patch immediately. CISA deadline: May 1."

Vulnerability Prioritization

You: "Prioritize these CVEs from our scan: CVE-2021-44228, CVE-2024-3400,
      CVE-2023-44487, CVE-2024-21762, CVE-2023-4966"

Agent: → cve_prioritize {cves: [...]}
       → Ranks by CVSS × EPSS × KEV multiplier
       → "#1: CVE-2024-3400 (risk: 19.44, CVSS 10.0, EPSS 97%, KEV)
          #2: CVE-2021-44228 (risk: 19.40, CVSS 10.0, EPSS 97%, KEV)
          #3: CVE-2023-4966 (risk: 19.10, CVSS 9.4, EPSS 97%, KEV)
          All 5 are in CISA KEV — patch all immediately."

Dependency Audit

You: "Check if lodash 4.17.20 and django 3.2.0 have known vulnerabilities"

Agent: → osv_batch {queries: [
          {package: "lodash", version: "4.17.20", ecosystem: "npm"},
          {package: "django", version: "3.2.0", ecosystem: "PyPI"}
       ]}
       → "lodash 4.17.20: 3 vulnerabilities (prototype pollution)
          django 3.2.0: 12 vulnerabilities (SQL injection, XSS)
          Upgrade lodash to 4.17.21+, django to 4.2+"

Threat Monitoring

You: "What are the most likely to be exploited CVEs right now?"

Agent: → cve_trending {limit: 10, minEpss: 0.9}
       → "Top 10 by exploitation probability:
          1. CVE-2024-3400 — PAN-OS (EPSS 97.2%, CVSS 10.0, KEV)
          2. CVE-2023-44487 — HTTP/2 Rapid Reset (EPSS 96.5%, CVSS 7.5, KEV)
          ..."

CVSS Deep Dive

You: "Break down this CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"

Agent: → cvss_parse {vector: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}
       → "Score: 10.0 (CRITICAL)
          Network attack vector, no privileges required, no user interaction.
          Scope changed — can impact other components.
          Full compromise: confidentiality, integrity, and availability."
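As an added example (not code from the cve-mcp project), here is a CVSS v3.1 base-score calculator of the kind cvss_parse describes, run on the vector above. Metric weights, the impact/exploitability formulas and the Roundup function are those of the FIRST CVSS v3.1 specification; the type and function names are this example's own, and, like the project's parser, it accepts v3.1 vectors only and rejects v2 and v4 ones.

```typescript
// Added example for this page: a CVSS v3.1 base-score calculator in the spirit
// of the cvss_parse tool. Not cve-mcp's own src/cvss/index.ts; weights and the
// Roundup function follow the FIRST CVSS v3.1 specification.

type Metric = "AV" | "AC" | "PR" | "UI" | "S" | "C" | "I" | "A";
type Metrics = Record<Metric, string>;

const BASE_METRICS: Metric[] = ["AV", "AC", "PR", "UI", "S", "C", "I", "A"];

const WEIGHTS: Record<string, Record<string, number>> = {
  AV: { N: 0.85, A: 0.62, L: 0.55, P: 0.2 },
  AC: { L: 0.77, H: 0.44 },
  UI: { N: 0.85, R: 0.62 },
  C: { H: 0.56, L: 0.22, N: 0 },
  I: { H: 0.56, L: 0.22, N: 0 },
  A: { H: 0.56, L: 0.22, N: 0 },
};
// Privileges Required weighs more when Scope is changed: [unchanged, changed].
const PR_WEIGHTS: Record<string, [number, number]> = {
  N: [0.85, 0.85],
  L: [0.62, 0.68],
  H: [0.27, 0.5],
};

const LABELS: Record<Metric, Record<string, string>> = {
  AV: { N: "network", A: "adjacent network", L: "local", P: "physical" },
  AC: { L: "low attack complexity", H: "high attack complexity" },
  PR: { N: "no privileges required", L: "low privileges required", H: "high privileges required" },
  UI: { N: "no user interaction", R: "user interaction required" },
  S: { U: "scope unchanged", C: "scope changed (can impact other components)" },
  C: { H: "high", L: "low", N: "no" },
  I: { H: "high", L: "low", N: "no" },
  A: { H: "high", L: "low", N: "no" },
};

export interface CvssResult {
  metrics: Metrics;
  impact: number;
  exploitability: number;
  baseScore: number;
  severity: string;
  explanation: string[];
}

// Spec-defined Roundup: round up to one decimal while tolerating float error.
function roundUp(x: number): number {
  const i = Math.round(x * 100000);
  return i % 10000 === 0 ? i / 100000 : (Math.floor(i / 10000) + 1) / 10;
}

export function severityOf(score: number): string {
  if (score === 0) return "NONE";
  if (score < 4) return "LOW";
  if (score < 7) return "MEDIUM";
  if (score < 9) return "HIGH";
  return "CRITICAL";
}

export function parseCvss31(vector: string): CvssResult {
  const parts = vector.trim().split("/");
  if (parts[0] !== "CVSS:3.1") throw new Error(`only CVSS:3.1 vectors are parsed, got "${parts[0]}"`);
  const metrics: Partial<Metrics> = {};
  for (const part of parts.slice(1)) {
    const [key, value] = part.split(":");
    if (!key || !value) throw new Error(`malformed metric "${part}"`);
    // Temporal/environmental metrics are ignored; only base metrics are kept.
    if (BASE_METRICS.includes(key as Metric)) metrics[key as Metric] = value;
  }
  for (const k of BASE_METRICS) if (metrics[k] === undefined) throw new Error(`missing base metric ${k}`);
  const m = metrics as Metrics;
  if (m.S !== "U" && m.S !== "C") throw new Error(`invalid value ${m.S} for S`);
  const changed = m.S === "C";
  const weight = (k: Metric): number => {
    const w = k === "PR" ? PR_WEIGHTS[m.PR]?.[changed ? 1 : 0] : WEIGHTS[k]?.[m[k]];
    if (w === undefined) throw new Error(`invalid value ${m[k]} for ${k}`);
    return w;
  };
  const iss = 1 - (1 - weight("C")) * (1 - weight("I")) * (1 - weight("A"));
  const impact = changed ? 7.52 * (iss - 0.029) - 3.25 * Math.pow(iss - 0.02, 15) : 6.42 * iss;
  const exploitability = 8.22 * weight("AV") * weight("AC") * weight("PR") * weight("UI");
  let baseScore = 0;
  if (impact > 0) {
    const raw = changed ? 1.08 * (impact + exploitability) : impact + exploitability;
    baseScore = roundUp(Math.min(raw, 10));
  }
  const explanation = [
    `${LABELS.AV[m.AV]} attack vector, ${LABELS.AC[m.AC]}, ${LABELS.PR[m.PR]}, ${LABELS.UI[m.UI]}`,
    `${LABELS.S[m.S]}`,
    `impact: ${LABELS.C[m.C]} confidentiality, ${LABELS.I[m.I]} integrity, ${LABELS.A[m.A]} availability`,
  ];
  return { metrics: m, impact, exploitability, baseScore, severity: severityOf(baseScore), explanation };
}

// Stand-alone run on the vector from the CVSS Deep Dive example above.
const demo = parseCvss31("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H");
console.log(`Score: ${demo.baseScore} (${demo.severity})`, demo.explanation);
```

The scope-changed branch is where most hand-rolled calculators go wrong: PR:L and PR:H get heavier weights, the impact sub-score uses the 7.52/3.25 polynomial, and the final sum is multiplied by 1.08 before capping at 10, which is why the vector above lands on 10.0 rather than the 9.8 of its scope-unchanged twin.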

Tools Reference (23 tools)

NVD (4)

| Tool | Description |
|---|---|
| nvd_search | Search CVEs by keyword, severity, CWE, date range |
| nvd_get | Get full CVE details (CVSS, CWE, CPE, references) |
| nvd_recent | Recently published/modified CVEs |
| cve_by_product | Search CVEs by product name (CPE keyword match) |

EPSS (2)

| Tool | Description |
|---|---|
| epss_score | EPSS exploitation probability for one or more CVEs |
| epss_top | Top CVEs by exploitation probability |

KEV (3)

| Tool | Description |
|---|---|
| kev_check | Check if CVE(s) are in the CISA Known Exploited Vulnerabilities catalog |
| kev_search | Search KEV by vendor, product, or keyword |
| kev_recent | Recently added KEV entries |

GHSA (2)

| Tool | Description |
|---|---|
| ghsa_search | Search GitHub security advisories by keyword, ecosystem, severity |
| ghsa_get | Get advisory details by GHSA ID or CVE ID |

OSV (3)

| Tool | Description |
|---|---|
| osv_query | Query vulnerabilities for a specific package version |
| osv_get | Get vulnerability details by OSV/GHSA/CVE ID |
| osv_batch | Batch query multiple packages at once |

Exploit (1)

| Tool | Description |
|---|---|
| exploit_search | Search for public PoC exploits (GitHub repositories) |

CWE (1)

| Tool | Description |
|---|---|
| cwe_lookup | Look up a CWE weakness by ID or search by keyword |

CVSS (1)

| Tool | Description |
|---|---|
| cvss_parse | Parse and explain a CVSS v3.1 vector string with score calculation |

Meta (6)

| Tool | Description |
|---|---|
| cve_enrich | Full enrichment: NVD + EPSS + KEV + GHSA + OSV in parallel |
| cve_prioritize | Rank CVEs by risk (CVSS × EPSS × KEV multiplier) |
| cve_trending | Currently trending CVEs by exploitation probability |
| cve_compare | Side-by-side comparison of two CVEs |
| cve_list_sources | List all data sources and their availability |
| cve_report | Generate a markdown vulnerability report |

Data Sources

| Source | Auth | What it provides |
|---|---|---|
| NVD | Optional NVD_API_KEY | CVE details, CVSS scores, CWE mappings, CPE affected products, references |
| EPSS | None | Exploitation probability score (0-1) and percentile ranking |
| CISA KEV | None | Known exploited vulnerabilities with remediation deadlines |
| GitHub Advisory | Optional GITHUB_TOKEN | Open source security advisories, affected packages, severity |
| OSV | None | Package-level vulnerability data across 16+ ecosystems |

Risk Score Formula

Risk Score = CVSS Base Score × EPSS Score × KEV Multiplier

Where:
  CVSS Base Score  = 0-10 (severity from NVD)
  EPSS Score       = 0-1 (exploitation probability from FIRST)
  KEV Multiplier   = 2 if in CISA KEV, 1 otherwise

This gives a practical risk score that balances severity (CVSS) with real-world exploitation likelihood (EPSS) and known active exploitation (KEV).
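The formula applied in code, as an added example that is not the project's own src/meta/prioritize.ts: riskScore implements the three factors exactly as stated above, prioritize sorts by the result, and the sample findings (IDs and scores alike) are constructed, not real NVD, EPSS or KEV data. The one thing this example adds beyond the formula is a dataGap field: a CVE that has no EPSS score yet multiplies out to 0, so the example flags it instead of silently burying a KEV entry at the bottom of the list.

```typescript
// Added example for this page: the README's Risk Score formula applied to a
// constructed list of findings, in the spirit of cve_prioritize. Not cve-mcp's
// own code; all CVE IDs and scores below are invented sample data.

export interface CveFinding {
  cveId: string;
  cvss: number | null; // NVD base score 0-10, null when NVD has not scored it yet
  epss: number | null; // FIRST EPSS probability 0-1, null when not yet published
  inKev: boolean;      // listed in the CISA KEV catalog
}

export interface RankedCve extends CveFinding {
  risk: number;
  dataGap: string | null; // why the formula could not be applied fully
}

export const KEV_MULTIPLIER = 2;

// Risk Score = CVSS Base Score x EPSS Score x KEV Multiplier, rounded to 2 dp.
export function riskScore(f: CveFinding): number {
  if (f.cvss === null || f.epss === null) return 0;
  if (f.cvss < 0 || f.cvss > 10) throw new RangeError(`CVSS out of range for ${f.cveId}`);
  if (f.epss < 0 || f.epss > 1) throw new RangeError(`EPSS out of range for ${f.cveId}`);
  const raw = f.cvss * f.epss * (f.inKev ? KEV_MULTIPLIER : 1);
  return Math.round(raw * 100) / 100;
}

// Highest risk first; on equal risk, KEV entries rank ahead, then higher CVSS.
// A KEV entry with missing EPSS or CVSS scores 0 under the bare formula, so the
// gap is reported rather than hidden.
export function prioritize(findings: CveFinding[]): RankedCve[] {
  return findings
    .map((f) => ({
      ...f,
      risk: riskScore(f),
      dataGap: f.cvss === null ? "no CVSS score" : f.epss === null ? "no EPSS score" : null,
    }))
    .sort(
      (a, b) =>
        b.risk - a.risk ||
        Number(b.inKev) - Number(a.inKev) ||
        (b.cvss ?? 0) - (a.cvss ?? 0),
    );
}

// Constructed sample input: placeholder IDs, illustrative scores, not lookups.
export const SAMPLE_FINDINGS: CveFinding[] = [
  { cveId: "CVE-SAMPLE-0001", cvss: 10.0, epss: 0.972, inKev: true },
  { cveId: "CVE-SAMPLE-0002", cvss: 9.8, epss: 0.12, inKev: false },
  { cveId: "CVE-SAMPLE-0003", cvss: 7.5, epss: 0.96, inKev: true },
  { cveId: "CVE-SAMPLE-0004", cvss: 9.1, epss: null, inKev: true },
  { cveId: "CVE-SAMPLE-0005", cvss: 5.3, epss: 0.004, inKev: false },
];

for (const r of prioritize(SAMPLE_FINDINGS)) {
  const gap = r.dataGap ? `  (${r.dataGap})` : "";
  console.log(`${r.cveId}  risk=${r.risk.toFixed(2)}  CVSS=${r.cvss ?? "?"}  EPSS=${r.epss ?? "?"}  KEV=${r.inKev}${gap}`);
}
```

Note what the ordering shows: the CVSS 7.5 finding outranks the CVSS 9.8 one because EPSS and KEV say it is the one actually being exploited, which is the whole point of the formula; and the KEV entry with no EPSS yet surfaces with an explicit gap rather than a misleading zero.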


Architecture

src/
├── index.ts                    Entry point + MCP stdio
├── types/
│   └── index.ts                ToolDef, ToolContext, ToolResult, API types
├── protocol/
│   ├── tools.ts                23 tool definitions (Zod schemas)
│   └── mcp-server.ts           MCP server + stdio transport
├── nvd/
│   ├── index.ts                NVD API v2 — search, get, recent
│   └── cpe.ts                  Product/CPE search
├── epss/
│   └── index.ts                EPSS — score, top
├── kev/
│   └── index.ts                KEV — check, search, recent (cached)
├── ghsa/
│   └── index.ts                GitHub Advisory — search, get
├── osv/
│   └── index.ts                OSV — query, get, batch
├── exploit/
│   └── index.ts                PoC search via GitHub repos
├── cwe/
│   └── index.ts                CWE database (40+ entries embedded)
├── cvss/
│   └── index.ts                CVSS v3.1 parser + score calculator
├── meta/
│   ├── enrich.ts               Full CVE enrichment (all sources)
│   ├── prioritize.ts           Risk-based CVE ranking
│   ├── trending.ts             Trending CVEs by EPSS
│   ├── compare.ts              Side-by-side CVE comparison
│   └── sources.ts              Data source health check
└── utils/
    ├── rate-limiter.ts          Queue-based rate limiter (NVD)
    └── cache.ts                 TTL cache (NVD results)

Design decisions:

  • Intelligence, not audit — Unlike cloud-audit-mcp and github-security-mcp, this is a data tool. No CheckResult, no findings accumulation. Each query is independent and stateless.
  • Parallel enrichment — cve_enrich calls all 5 sources via Promise.allSettled. If one source is down, the rest still return data.
  • Shared rate limiter — All NVD modules share a single RateLimiter instance (6s between requests) to avoid 429 errors.
  • KEV caching — The full KEV catalog (~1200 entries, ~200KB) is loaded once and cached in memory with 1-hour TTL.
  • NVD result caching — Individual CVE lookups are cached with 10-minute TTL to avoid redundant API calls during enrichment.
  • Embedded CWE database — 40+ top CWEs from OWASP/MITRE embedded as static data. No external API needed.
  • Full CVSS calculator — CVSS v3.1 base score calculation algorithm implemented locally. Parses any vector string and explains each metric.
  • 2 dependencies — @modelcontextprotocol/sdk and zod. Nothing else.
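The Parallel enrichment point above as an added example, not the project's own src/meta/enrich.ts: five stub fetchers (constructed here; one rejects with a simulated rate-limit error and one never resolves) are run through Promise.allSettled, so the sources that answer still populate the result while the failures land in an unavailable map. The per-source timeout is this example's own addition: allSettled waits for the slowest promise, so without it one hung upstream would stall the whole enrichment.

```typescript
// Added example for this page: "one source down, the rest still answer" with
// Promise.allSettled plus a per-source timeout. The fetchers are stubs built
// here for demonstration; this is not cve-mcp's own src/meta/enrich.ts.

export type SourceName = "nvd" | "epss" | "kev" | "ghsa" | "osv";
export const SOURCES: SourceName[] = ["nvd", "epss", "kev", "ghsa", "osv"];

export type Fetcher = (cveId: string) => Promise<unknown>;

export interface Enrichment {
  cveId: string;
  data: Partial<Record<SourceName, unknown>>;       // what each live source returned
  unavailable: Partial<Record<SourceName, string>>; // why a source gave nothing
}

// Fold settled results into one record: a rejected source becomes an
// "unavailable" note instead of failing the whole enrichment.
export function mergeSettled(
  cveId: string,
  names: SourceName[],
  results: PromiseSettledResult<unknown>[],
): Enrichment {
  const out: Enrichment = { cveId, data: {}, unavailable: {} };
  results.forEach((r, i) => {
    const name = names[i];
    if (name === undefined) return;
    if (r.status === "fulfilled") out.data[name] = r.value;
    else out.unavailable[name] = r.reason instanceof Error ? r.reason.message : String(r.reason);
  });
  return out;
}

// Turn a hung upstream into a rejection that the merge can report.
export function withTimeout<T>(p: Promise<T>, ms: number, label: string): Promise<T> {
  return new Promise<T>((resolve, reject) => {
    const timer = setTimeout(() => reject(new Error(`${label} timed out after ${ms} ms`)), ms);
    p.then(
      (v) => { clearTimeout(timer); resolve(v); },
      (e) => { clearTimeout(timer); reject(e); },
    );
  });
}

export async function enrich(
  cveId: string,
  fetchers: Record<SourceName, Fetcher>,
  timeoutMs = 1000,
): Promise<Enrichment> {
  // Promise.resolve().then(...) also catches fetchers that throw synchronously.
  const settled = await Promise.allSettled(
    SOURCES.map((s) => withTimeout(Promise.resolve().then(() => fetchers[s](cveId)), timeoutMs, s)),
  );
  return mergeSettled(cveId, SOURCES, settled);
}

// Constructed stub fetchers standing in for the real API clients.
export const demoFetchers: Record<SourceName, Fetcher> = {
  nvd: async (id) => ({ id, cvss: 9.8 }),   // invented score, not an NVD lookup
  epss: async (id) => ({ id, epss: 0.5 }),  // invented probability
  kev: async (id) => ({ id, inKev: false }),
  ghsa: async () => { throw new Error("HTTP 403 rate limited"); }, // simulated outage
  osv: () => new Promise<unknown>(() => {}),                        // simulated hang
};

// Placeholder CVE ID; the stubs do not consult any real source.
void enrich("CVE-0000-00000", demoFetchers, 200).then((r) => console.log(JSON.stringify(r, null, 2)));
```

The output carries nvd, epss and kev under data, and ghsa and osv under unavailable with their reasons, which is what lets an agent say "GHSA was rate limited, OSV timed out" instead of returning nothing for the CVE.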

Limitations

  • NVD API without NVD_API_KEY is limited to 5 requests per 30 seconds. Set the key for production use
  • GitHub Advisory search without GITHUB_TOKEN is limited to 60 requests per hour
  • Exploit search uses GitHub repository search which has its own rate limits
  • CVSS parser supports v3.1 only (v2 and v4 vectors are not parsed, though v2 scores are returned from NVD)
  • CWE database is embedded (40+ entries) rather than comprehensive (1000+ in full MITRE database)
  • macOS / Linux (Windows not tested)

Part of the MCP Security Suite

| Project | Domain | Tools |
|---|---|---|
| hackbrowser-mcp | Browser-based security testing | 39 tools, Firefox, injection testing |
| cloud-audit-mcp | Cloud security (AWS/Azure/GCP) | 38 tools, 60+ checks |
| github-security-mcp | GitHub security posture | 39 tools, 45 checks |
| cve-mcp | Vulnerability intelligence | 23 tools, 5 sources |

For authorized security testing and assessment only.
Always ensure you have proper authorization before testing systems.

MIT License • Built with Bun + TypeScript
